要怎麼設定規則??最近常收到的垃圾信[email protected]
最近常有這樣的規則的垃圾信<br>[email protected] <br>[email protected]<br><br>March Fun大大在<br>垃圾信反制教學班<br>Hotmail 隨機帳號攻擊之反制<br>有<br>*.*@hotmail.com這樣的規則<br>但是封鎖帳號開頭<br>*.*@*.com 或 *.*@*.org<br>風險太大了....<br>例如中國信託的email帳號 <br>[email protected]<br>影響層面太大...<br>有沒有什麼好的規則呢?<br><br>-------------------------------<br>Mon 2005-05-16 13:12:26: Session 7992; child 1; thread 896<br>Mon 2005-05-16 13:12:24: Accepting SMTP connection from <br>Mon 2005-05-16 13:12:24: Looking up PTR record for 220.165.205.47 (47.205.165.220.IN-ADDR.ARPA)<br>Mon 2005-05-16 13:12:25: Name server reports domain name unknown<br>Mon 2005-05-16 13:12:25: --> 220 mail.aaaa.com.tw ESMTP MDaemon 7.2.1; Mon, 16 May 2005 13:12:25 +0800<br>Mon 2005-05-16 13:12:25: <-- HELO cbrendabrenda.com<br>Mon 2005-05-16 13:12:25: --> 250 mail.aaaa.com.tw Hello cbrendabrenda.com, pleased to meet you<br>Mon 2005-05-16 13:12:26: <-- MAIL FROM:<[email protected]><br>Mon 2005-05-16 13:12:26: --> 250 <[email protected]>, Sender ok<br>Mon 2005-05-16 13:12:26: <-- RCPT TO:<[email protected]><br>Mon 2005-05-16 13:12:26: --> 250 <[email protected]>, Recipient ok<br>Mon 2005-05-16 13:12:26: <-- DATA<br>Mon 2005-05-16 13:12:26: Creating temp file (SMTP): c:\mdaemon\temp\md50000004048.tmp<br>Mon 2005-05-16 13:12:26: --> 354 Enter mail, end with <CRLF>.<CRLF><br>Mon 2005-05-16 13:12:26: Message creation successful: c:\mdaemon\inbound\md50000097962.msg<br>Mon 2005-05-16 13:12:26: --> 250 Ok, message saved <Message- 這樣是有點難...如果都是假的網域,沒有規則可循。<br><br>不過有一句...<br><span style='color:red'>Mon 2005-05-16 13:12:25: Name server reports domain name unknown</span><br><br>名稱伺服器已回報找不到該網域,但信還是進來,可見你沒有開啟反查的功能;有開的話這封信是不會通過的。 謝謝大大說明<br><br>上面貼的問題是我昨天按照「垃圾信反制教學班」<br>中的文章進行設定之前的問題。<br>昨天設定規則後垃圾信件確實少了很多... :)<br><br><br>但是接踵而來的是該收到卻沒有收到的信.....<br>下面這段是yahoo webmail寄的信件<br>應該在反查的時候就發生了<br>Performing lookup on yahoo.com.tw (looking for 202.43.200.236)<br>501 This server will not accept forged credentials; you are not 'yahoo.com.tw'<br><br>同樣的情況還出現在滿多信件的...<br>會不會擋了垃圾信...<br>正常的信也被擋了<br>---------------------<br>Tue 2005-05-17 10:55:47: Accepting SMTP connection from <br>Tue 2005-05-17 10:55:47: Looking up PTR record for 202.43.200.236 (236.200.43.202.IN-ADDR.ARPA)<br>Tue 2005-05-17 10:55:47: D=236.200.43.202.IN-ADDR.ARPA TTL=(20) PTR=<br>Tue 2005-05-17 10:55:47: Gathering A-records for PTR hosts<br>Tue 2005-05-17 10:55:47: D=web17908.mail.tpe.yahoo.com TTL=(30) A=<br>Tue 2005-05-17 10:55:47: --> 220 mail.aaaa.com.tw ESMTP MDaemon 7.2.1; Tue, 17 May 2005 10:55:47 +0800<br>Tue 2005-05-17 10:55:47: <-- HELO web17908.mail.tpe.yahoo.com<br>Tue 2005-05-17 10:55:47: Performing lookup on web17908.mail.tpe.yahoo.com (looking for 202.43.200.236)<br>Tue 2005-05-17 10:55:47: D=web17908.mail.tpe.yahoo.com TTL=(30) A=<br>Tue 2005-05-17 10:55:47: --> 250 mail.aaaa.com.tw Hello web17908.mail.tpe.yahoo.com, pleased to meet you<br>Tue 2005-05-17 10:55:47: <-- MAIL FROM:<[email protected]><br>Tue 2005-05-17 10:55:47: Performing lookup on yahoo.com.tw (looking for 202.43.200.236)<br>Tue 2005-05-17 10:55:47: D=yahoo.com.tw TTL=(76) A=<br>Tue 2005-05-17 10:55:47: P=001 D=yahoo.com.tw TTL=(76) MX= {202.43.201.250}<br>Tue 2005-05-17 10:55:47: P=001 D=yahoo.com.tw TTL=(76) MX= {202.43.200.11}<br>Tue 2005-05-17 10:55:47: --> 501 This server will not accept forged credentials; you are not 'yahoo.com.tw'<br>Tue 2005-05-17 10:55:47: SMTP session terminated (Bytes in/out: 70/238)<br>Tue 2005-05-17 10:55:47: ---------- 只要通不過反查的都會被擋下,不過正常的 yahoo 應該是沒有問題的。<br><br>任何事都必須有所取捨,就看你們自己的需求了。 真的很不錯喎……又學會了一招!多謝 我最後設定可以收到yahoo web mail的設定值為<br>Security<br>Reverse Lookup:<br>V. Perform reverse PTR record lookup on inbound SMTP connections<br>V. Perform lookup on HELO/EHLO domain<br> V. Refuse to accept mail if a lookup returns "domain not found" <br>V. Perform lookup on value passed in the MAIL command <br> V. Refuse to accept mail if a lookup returns "domain not found" <br>V. Insert "X-Lookup-Warning" header into suspicious messages <br><br>這樣就不會把yahoo的mail擋掉了 那如果是501 This server will not accept forged credentials; you are not '1.2.3.4'
1.2.3.4為自己的ip
這需要怎麼設定入排除名單!?
頁:
[1]